While conducting security audits of our databases, I noticed that the DBA role has three privileges I've never heard of, let alone used:
UNDER ANY TABLE
UNDER ANY TYPE
UNDER ANY VIEW
I can't find anything in the Oracle documentation or on Metalink about them.
Is it possible to get a list of tables in a schema on which Audits are enabled.
View 2 Replies View RelatedEnabling of auditing in oracle database, can this be done on some tables or applied on the whole schema/user.
View 5 Replies View RelatedHow can I list all the roles and privileges of roles in Oracle? Can I get the details of the activities they perform?
View 12 Replies View RelatedMy tables are in ers_stg schema and code which collects state on these table are in etls_ers schema, what permission i need in order to get the stats collected from etls_srs schema. i am getting in sufficient privilege error.
View 1 Replies View RelatedWhen i try to grant all privilege to a object i get error
SQL> GRANT ALL PRIVILEGES ON tab1 TO PUBLIC;
GRANT ALL PRIVILEGES ON tab1 TO PUBLIC
*
ERROR at line 1:ORA-01929: no privileges to GRANT
how to check the user has privilege to use grant privilege or grant all privileges to object and what privileges exist in ALL PRIVILEGES.
As how do I query, as when was the last time or rather list of privileges changes done for a db user and what was the changes made?
View 1 Replies View RelatedI am a java developer and would like to install data locally in my computer for testing purpose.
I login as sysdba in sqlplus, created a user.
In the installation documentation it said :
This user should have at least the following privileges.
CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE PUBLIC SYNONYM, CREATE USER, CREATE ROLE, CREATE SEQUENCE, CREATE SESSION CREATE TRIGGER, AND CREATE TYPE.
If you choose, you can grant DBA role to this user.
Note: Coeus Schema owner should have CREATE USER and ALTER USER right explicitly granted to it, not through a role like DBA.
1)How to grant all this prvileges to that user ?
2)How this user will have CREATE USER and ALTER USER right explicitly granted to it, not through a role like DBA ?
grant insert,update,delete,select on staging_tb1 to public;
What is public here? i know something about public user like it is users exist in the database .
Which Privileges required to create a trigger like after logon on database. I have grant Create any trigger privilege to user but still not able to create and give me an error insufficient Privilege.
View 5 Replies View RelatedWhile trying to logging to database through pl/sql developer, getting error as "ORA-01031: insufficient privileges".But am able to logging by system.
As per the instruction by the below link, checked the privileges of ord_dba. All are correct. Now, i am in puzzle to rectify the error.
[URL]
regarding Database Hardening, i am new to this concept
View 2 Replies View Relatedi have created a database on my pc and i have given a password at the time of installation , after the installation it is accessed successfully by the given password , but i observed that when i gave anything in password then it is also accessed by it and i don't have any other database of this same name.
And when i access it through another system then it is accessed only by its original password not by any other password.
how can i secure my database from hacking by any one of these:
1-sql injections
2- DON(Danial Of service)
3- buffer overflow
4- listner hack
We have Employee table, there is a field name Employee_no. field size is 6.can we restrict some one not to increase or decrease the field size of Employee_no. even User has admin role.
is there any way to restrict admin user that he should not allow to enter the value of field more or less than 6 characters through Toad or SQL Plus 8.0.
------------------------------------------------------
for example
field: employee_no
feild_size: 6
field_type: Varchar2
When we enter Employee no A000001(7 digit) then database not allowed to update because its field size is 6 characters we want to restrict admin user in Toad or SQL Plus 8.0 because he is Toad and SQL Plus user.
Is there any setting on oracle that allows to disconnect users automatically and display a message to users such: "Try a new connection to the db in 30 minutes"?
View 7 Replies View RelatedWe currently hardcode the password inside our Java application to make the connection with the Database,this makes the password to be visible to all users who can read the application code. How can we encrypt the database password so we don't have to hardcode it into the application?
View 1 Replies View Relatedwhat sort of queries IT auditors run against the database? assist me wit these so that I can run them before hand in order to sort out any security vulnerabilities which we might potentially have prior to this being picked up by external auditors?
View 2 Replies View RelatedI am having one table Where,different country names are stored. while viewing data, I have to make sure that if country name having "USA" can only view its data. How can i do at DB level without passing where clause. Is Virtual Database in this case?
View 25 Replies View Relatedhow to encrypt 9i database-link passwords? In 10g when we browse the link it show **** but in 9i it shows the actual password.
View 5 Replies View Relatedquery to find the current user accessing the database
View 5 Replies View RelatedHow can I export FGA / row level security policies from one database to another? I have created a new version of my schools ERP database, with upgraded application software, and now need to get the policies from our current production system to the new one.
View 5 Replies View RelatedI'm checking the possibility to use Active Directory to log on the our Oracle databases. But only for dba's and developers, not application users. We use Oracle 10.2.0.4 (and soon 11g) As OS on the databaseserver we use AIX5L 5.3
Is it possible to implement Active Directory on databases running on AIX ? If it is possible, what must be done to get it to work, software ... etc ?
While installing datavault on 11g database, getting error in between the process. Error is as below -
ORA-01031: insufficient privileges
ORA-06512: at "DVSYS.DBMS_MACADM" line 1740
ORA-06512: at line 1
how to rectify the problem.
I used the below link for configuring database vault on existing database.{URL]////
Database 11.1.0.7
Applications 12.1.3
OS RHEL 5.5
how to configure log miner with oracle database 11g as we need to analyze redolog files.how to install,configure,use log miner.
I'd like to have my 11g database authenticate users against an OpenLDAP service. We'd still create accounts in the database, and do authorization within the database, but I'd just want to the user's passwords authenticated externally, against the OpenLDAP service. Is this possible? My searching through these forums and Google seems to indicate that you can do it if you run an Oracle Internet Directory (OID) service. I do not want to have to install and maintain an Oracle Internet Directory service. I'd like to do it without it.
I have a working PL/SQL function (below) that can authenticate a passed in username & password against our OpenLDAP directory. Is there any way for me to have Oracle call this function for the database user authentication? Or is there any other way for me to get the Oracle database to directly authenticate against OpenLDAP without having to run OID?
create or replace function ldap_authenticate(username varchar2, password varchar2)
return boolean is
begin
begin
if dbms_ldap.success = dbms_ldap.simple_bind_s(
[code]........
Is there a way where we can audit database session from a particular applications? For example : We need to audit Toad and SQL developer sessions .
View 1 Replies View RelatedMy database is hung while generating the AWR report. I observe the mmon is running for long time. is it okay if i kill, will that have any impact to database.
View 2 Replies View RelatedIs there a way to find out the user access the database?
View 1 Replies View Related understanding where to store the static SQL code (Database or Application).Consider a scenario, that I am executing a simple SQL from Java which is returning some value, and it will not be changed in future.
should I store this sql in java application code or in database in form of procedure/function and returning the result to Java. Is there any security/performance impact?